package com.smartstate.dataManagement.security;

import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;

import javax.annotation.Resource;


import com.smartstate.dataManagement.constant.GlobalsConstants;
import com.smartstate.dataManagement.exception.CommonException;
import com.smartstate.dataManagement.mapper.OauthClientDetailsMapper;
import com.smartstate.dataManagement.vo.ResultCode;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.provider.client.BaseClientDetails;
import org.springframework.stereotype.Service;

import java.util.Arrays;

@Service("oauthClientDetailsService")
@Slf4j
public class OauthClientDetailsServiceImpl extends ServiceImpl<OauthClientDetailsMapper, OauthClientDetails> implements OauthClientDetailsService {

    @Resource
    private OauthClientDetailsMapper oauthClientDetailsMapper;

    @Override
    @Cacheable(value= GlobalsConstants.REDIS_CLIENT_CACHE,unless = "#result == null", key="T(com.smartstate.dataManagement.constant.GlobalsConstants).CLIENT_DETAILS_KEY_OAUTH.concat(T(String).valueOf(#clientId))")
    public BaseClientDetails findOauthClientDetailsByClientId(String clientId) {
        OauthClientDetails oauthClientDetailsByClientId = oauthClientDetailsMapper.getOauthClientDetailsByClientId(clientId);
        if (oauthClientDetailsByClientId == null) {
            throw new CommonException(ResultCode.CLIENT_ERROR);
        }
        BaseClientDetails clientDetails = new BaseClientDetails();
        //客户端(client)id
        clientDetails.setClientId(oauthClientDetailsByClientId.getClientId());
        //客户端所能访问的资源id集合
        if (StringUtils.isNotEmpty(oauthClientDetailsByClientId.getResourceIds())) {
            clientDetails.setResourceIds(Arrays.asList(oauthClientDetailsByClientId.getResourceIds().split(",")));
        }
        //客户端(client)的访问密匙
        clientDetails.setClientSecret(new BCryptPasswordEncoder().encode(oauthClientDetailsByClientId.getClientSecret()));
        //客户端支持的grant_type授权类型
        clientDetails.setAuthorizedGrantTypes(Arrays.asList(oauthClientDetailsByClientId.getAuthorizedGrantTypes().split(",")));
        //客户端申请的权限范围
        clientDetails.setScope(Arrays.asList(oauthClientDetailsByClientId.getScope().split(",")));
        Integer accessTokenValidity = oauthClientDetailsByClientId.getAccessTokenValidity();
        if (accessTokenValidity != null && accessTokenValidity > 0) {
            //设置token的有效期，不设置默认12小时
            clientDetails.setAccessTokenValiditySeconds(accessTokenValidity);
        }
        Integer refreshTokenValidity = oauthClientDetailsByClientId.getRefreshTokenValidity();
        if (refreshTokenValidity != null && refreshTokenValidity > 0) {
            //设置刷新token的有效期，不设置默认30天
            clientDetails.setRefreshTokenValiditySeconds(refreshTokenValidity);
        }
        clientDetails.isAutoApprove(oauthClientDetailsByClientId.getAutoapprove());
        log.info("clientId是：" + clientId);
        return clientDetails;
    }
}